This page is a supplement to the Privacy Statement for Microsoft Lync Products. In order to understand the data collection and use practices relevant for a particular Microsoft Lync product or service, you should read both the Privacy statement for Microsoft Lync products and this supplement.

This privacy supplement addresses the deployment and use of Microsoft Lync Server 2010 software deployed in the enterprise’s network. If your company is using Lync Server 2010 as a service (in other words, if a third party [for example, Microsoft] is hosting the servers upon which the software runs), information will be transmitted to that third party.

Archiving

What This Feature Does: Archiving allows the enterprise administrator to archive instant messaging (IM) conversations, meeting activities and content, and usage characteristics, such as user sign-ins and conversation starts and joins.

Information Collected, Processed, or Transmitted: Archiving stores the content of IM conversations, information about the end user’s instant messaging usage, meeting content, and meeting information on a server the enterprise administrator configures. No information is sent to Microsoft.

Use of Information: The enterprise administrator can use this information to administer the enterprise’s use of Lync Server 2010.

Choice/Control: Archiving is turned off by default and can be turned on by an enterprise administrator by going to the Microsoft Lync Server 2010 Control Panel Monitoring and Archiving Settings page, and updating the Archiving Policy and Archiving Configuration.

Activity Feed

What This Feature Does: Activity Feed enables the end users to see "social updates" from their contacts on their Contacts list. It permits the end users to display to others your most recent personal notes, changes to your picture, and changes to your title or office location.

Information Collected, Processed, or Transmitted: End users will publish, through presence, the following information in Microsoft Lync 2010:

The update time of their corporate picture (from your enterprise’s corporate directory, such as Active Directory Domain Services)

A web picture (that the end user uploads and want others to see) with the updated time

The time their corporate title changed and the title itself (from the corporate directory)

The time their corporate office location changed and the office location itself (from the corporate directory)

A history of the last several personal notes that have been posted

Their Out of Office note from Microsoft Exchange Server

No information is sent to Microsoft.

Use of Information: This information will be shared with contacts in the end user’s Contacts list that are viewing their activity feed and are in a Family and Friends, Workgroup, Colleagues, or External Contacts privacy relationships.

Choice/Control: The enterprise administrator can configure the PersonalNoteHistoryDepth in-band setting which will control how many personal notes will be kept for the end user. If set to 0, then no note history is kept, and only the current note is stored (as it has been in past releases). Each end user will also have the ability to not publish anything to their Activity Feed by checking the appropriate setting in Lync 2010 Options.

Address Book Service

What This Feature Does: The Address Book Service allows Lync Server clients, such as Lync, Microsoft Lync 2010 Mobile, and so on, to search for contacts.

Information Collected, Processed, or Transmitted: The end user provides a search string that is then used to search for a match in the Address Book database or in the Address Book download files. Any matching records found for a given search string will be returned back to the client.

Use of Information: The information in the search string will be used to search for matching records.

Choice/Control: The Address Book Service is enabled by default. There is no option to disable this service.

Call Admission Control

What This Feature Does: Call Admission Control allows enterprise administrators to control the amount of Lync Server audio/video traffic on WAN link.

Information Collected, Processed, or Transmitted: Call Admission Control collects, processes and receives the IP addresses of the caller and the callee, the endpoint location information (inside or outside the enterprise network) of both sides, and whether the call is federated. No information is sent to Microsoft.

Use of Information: The enterprise administrator can use this information to administer the enterprise’s use of a particular WAN link for audio/video calls Lync Server.

Choice/Control: Call Admission Control is turned off by default and can be turned on by an enterprise administrator by going to the Lync Server 2010 Control Panel Network Configuration setting page, and updating the Global policy to enable bandwidth management.

Note: Emergency services could be impacted by Call Admission Control policies (that is emergency services might get routed to the wrong trunk).

Call Detail Records (CDR) Data Collection and Reporting

What This Feature Does: The Call Detail Records (CDR) Data Collection and Reporting feature collects and reports details of peer-to-peer communications and meetings that have occurred using Lync Server.

Information Collected, Processed, or Transmitted: If enabled, the data from all peer-to-peer communications and meetings is recorded in the CDR database. (The content is not recorded.) The CDR data is stored in the Monitoring Server database that is deployed in the enterprise and reported in a set of standard Monitoring Server reports. No information is sent to Microsoft.

Use of Information: The CDR data can be used to review the history of peer-to-peer communications and meeting that happened in the organization.

Choice/Control: CDR is turned on by default, but the enterprise administrator must install a Monitoring Server, connected to a Monitoring Server backend database, to collect the CDR data. The enterprise administrator can deploy the standard Monitoring Server reports or create custom reports by querying the Monitoring Server database.

Call Delegation

What This Feature Does: Call Delegation allows end users to assign one or more delegates who can place and answer calls on their behalf and set-up and join online meetings on their behalf.

Information Collected, Processed, or Transmitted: When delegate(s) answers calls on behalf of the end users, the end users will receive an e-mail notification informing them about this event. No information is sent to Microsoft.

Use of Information: End users can use this feature to work with their delegate(s), so that the delegate(s) can manage their schedule and meetings. The end users can also follow-up with their delegate(s) about the calls that were made or answered on their behalf.

Choice/Control: Call Delegation is turned off by default and must be turned on by the enterprise administrator by setting EnableDelegation to True.

Note: Enterprise administrators can set up Exchange Calendar Delegate sync-up with Lync Server. When enabled, Exchange Calendar Delegates with appropriate permissions (equal to or greater than Nonediting Author permissions) will be automatically added as the end user’s delegate in Lync. This does not change the end user’s Call Forwarding settings.

Caller ID Controls

What This Feature Does: The Caller ID Controls feature controls the phone number that is displayed to called party. The enterprise administrator can choose to suppress caller ID per route by providing an alternative number. The alternative number will be displayed as the caller ID for all the calls going out through that route. An example for this would be when an end user makes a call from their personal work phone number, the called party will see the general company number instead of the user’s personal work number.

Information Collected, Processed, or Transmitted: The phone number of the calling party is displayed

Use of Information: This is used to suppress the calling party’s phone number and display an alternative number.

Choice/Control: Suppress Caller ID can be checked or unchecked by going to Lync Server 2010 Control Panel Route page. If Suppress caller ID is not checked, the caller’s phone number will be displayed. If Suppress caller ID is checked, an alternative number must be provided and will be displayed to the called party

Calling Party Name Display

What This Feature Does: This Display Name contains the end user’s name as stored in the Lync Server local repository (Address Book Service). For outgoing calls from end users on Lync Server to the public switched telephone network (PSTN), this feature sends any Display Name information to the egress PSTN gateway/IP-PBX/session border controller.

Information Collected, Processed, or Transmitted: For outgoing calls from the Lync Server network, the Display Name is sent to the egress PSTN Gateway/IP-PBX/Session Border Controller if there are no privacy restrictions in Lync Server for providing this information. This information can then be displayed to the destination party for the call.

Use of Information: The information is used so the called party has the calling party’s name displayed along with the calling party’s phone number. This should not be considered as definitive.

Choice/Control: At present, there are no controls within Lync Server to set privacy restrictions for the provision of Display Name information. The Display Name is always transmitted from the server. Certain PSTN Gateways/IP-PBXs/Session Border Controllers may have the ability to filter or replace Display Name information per call direction (inbound, outbound).

Client-Side Logging

What This Feature Does: Client-side Logging enables the end users to log Lync usage information on their computer in their user profile.

Information Collected, Processed, or Transmitted: If enabled, information such as the following will be stored on the end user’s computer: meeting subject, location, session initiation protocol (SIP) messages, responses to their Lync conversations, information about the sender and receiver of each Lync message, the route that the message took, Contacts list, and Presence information. The contents of their Lync conversations are not stored. No information is automatically sent to Microsoft, but the end users or the enterprise administrator can choose to manually send the logs to Microsoft.

Use of Information: Client-side logs can be used to troubleshoot Lync issues.

Choice/Control: Client-Side Logging is turned off by default and must be turned on by the enterprise administrator by setting ucEnableUserLogging to 1.

Emergency Services (911)

What This Feature Does: When made available by the enterprise administrator Emergency Services allows Lync to transmit a location to a third-party routing service provider selected by the customer. The third-party routing service provider will then transmit the location to the emergency responders when an emergency services number is dialed (such as 911 in the United States). The enterprise administrator can restrict the emergency calling capability to the end user’s work location so the administrator should communicate to each end user the extent to which the emergency calling functionality is available. When enabled, the location information transmitted to emergency services personnel is the location that the enterprise administrator has assigned to the end user’s location (for example, an office number) and entered into the location database or, if such a location is not available, the location the end users may have manually entered in the location field. If the end users dial emergency services while using Lync via a wireless Internet connection while they are still in their work location, the location information transmitted to emergency responders will be merely an approximate location because it will be the location of the particular wireless endpoint with which their computer is communicating. The location information of that wireless endpoint, moreover, is input manually by the enterprise administrator, and, therefore, the location information transmitted to the emergency services personnel may not be the end user’s actual location. To be fully functional this feature requires the enterprise to retain a routing service provided by certified solution providers and the service is only available within the United States.

Information Collected, Processed, or Transmitted: The location information obtained by Lync is determined by the automatic location information populated by the enterprise’s Location Information Server (“LIS”) or by the location information the end user has manually entered in the location field. This information is stored in memory on the end user’s computer, so when an emergency services number is entered this location information is transmitted with the call for the purpose of routing to the appropriate emergency services provider and providing their approximate location. The end user’s location may also be sent via an instant message to a local security desk. For emergency calls, the call detail record will contain the caller’s location information. No information is sent to Microsoft.

Use of Information: Location is used for routing the call to the appropriate emergency services provider and for dispatching emergency responders. This information can also be sent to the enterprise's security desk as a notification with the caller’s location and call back information.

Choice/Control:

Disabled:

E911 is disabled by default. If enabled by the enterprise administrator, the Location Policy can be modified or removed from the subnets and/or users, and the routing service can be discontinued from the service provider.

Enabled:

A Location Policy that enables E911 is required to be defined and assigned to either subnet where unified communications (UC) clients will be registering from or to users or both. E911 routing service must be obtained from service provider and routing connectivity to the service provider established.

Location Infrastructure

What This Feature Does: End user location and time zone information is computed and shared with others over the presence functionality.

Information Collected, Processed, or Transmitted: The end user’s geographic location data is collected by one of two mechanisms: the user manually enters the data, or it is automatically populated by the enterprise’s Location Information Server (“LIS”). In addition, the end user’s time zone is retrieved from the Windows operating system on the end user’s computer. The location data that is collected consists of a "description" string as well as formatted address information. The description is any string that would help inform others about the end user’s location (such as “Home” or “Work”), while the formatted address information is a civic address(such as “5678 Main St, Buffalo, NY, 98052”). No information is sent to Microsoft.

Use of Information: The location description and time zone data are shared with others over Lync presence, based on how their Presence privacy is configured. The information is displayed in the user’s contact card. Note that the formatted address, or civic address, is not shared over the contact card but may be transmitted to emergency services personnel if the end-user makes an emergency call (e.g., 911). (See “Emergency Services” description.)

Choice/Control:

The enterprise administrator has the following controls:

EnhancedEmergencyServicesEnabled If set to True, the location name entry in the location field and a full Location dialog box are available by using the Set Location item in the location area menu. If it is set to False, a limited location entry is available for the location name in the location field. Also, when the control is set to True, location data will be shared for emergency services calls. If it is set to False, it will not be shared over emergency services calls. This cannot be overridden by end users. Be aware that the location description (either retrieved from LIS or entered by end user) will still be shared over presence regardless of how this toggle is set.

UseLocationForE911Only If set to True, the location data in the LIS will not be automatically shared via presence. If set to False, the location data in the LIS will be automatically shared over presence.

PublishLocationDataDefault This control configures the default behavior for all users who have not explicitly elected to share or not share their location description by using presence. If set to True, by default the location will be shared. If set to False, by default, the location will not be shared.

LocationRequired This setting controls whether end users are prompted to enter their location. There are three possible values: Yes, Disclaimer, and No.

Yes - Shows "Set your location" in red if there is no location data.

Disclaimer - Shows "Set your location" in red with an "X" beside it if there is no location data. End users can click the “X” to view the disclaimer. Note: If an enterprise administrator chooses this value, then they would need to populate the text of the disclaimer.

No - Shows "Set your location" in black when there is no location data.

Lync Web App Server

What This Feature Does: The Microsoft Lync Web App web component needs to be deployed in order to use Lync Web App, which is a Microsoft Silverlight browser plug-in based program that provides meeting experience.

Information Collected, Processed, or Transmitted: The end user’s sign in address, password, and meeting information will be used to authenticate the user before connecting him or her to a meeting. Program sharing and desktop sharing information will be shared with all users in that meeting. All meeting participants will be able to view the end user’s presence and contact information.

Use of Information: User sign in address, password, and meeting information will be used to authenticate the user before connecting him or her to a meeting.

Choice/Control: The Lync Web App web component is enabled by default.

Media Bypass Location aspects

What This Feature Does: Media Bypass determines the locality of the default local media termination IP addresses of a Lync Server user and the PSTN Gateway/IP-PBX/Session Border Controller that is to be used in a PSTN or PBX call associated with that user. If the two elements are located such that they are well connected, with no bandwidth constraints, and media bypass has been enabled, media will flow directly between the Lync Server user and the PSTN Gateway/IP-PBX/Session Border Controller, bypassing the Lync Server Mediation Server. The signaling for the call will continue to go from the Lync Server user to the Lync Server Mediation Server and to the PSTN Gateway/IP-PBX/Session Border Controller.

Information Collected, Processed, or Transmitted: The locality of the local default media termination IP address for the end user and the PSTN Gateway/IP-PBX/Session Border Controller is determined by matching each local default media IP address of each to a Bypass ID stored in the Lync Server configuration store. The Bypass ID is a GUID, and it is not filtered by the Access Proxy, so it is provided to outside users and federated users, as well as being available to inside users. This feature doesn’t send any information to Microsoft.

Use of Information: If the Lync Server user and the PSTN Gateway/IP-PBX/Session Border Controller are in the same locale, the Bypass ID associated with each element’s local default media IP will be the same. The party receiving the Bypass ID from its peer will see that its own Bypass ID is a match. In that case, the media for the call is allowed to go directly between the Lync Server user and the PSTN Gateway/IP-PBX/Session Border Controller, bypassing the Mediation Server.

Choice/Control:

Media bypass is by default disabled both globally and for each trunk to a particular PSTN Gateway/IP-PBX/Session Border Controller. The enterprise administrator can enable it both globally and for a particular trunk by using the two methods below.

Using the Lync Server Control Panel

Global bypass is enabled by clicking Network Configuration, double-clicking Global configuration in the list, and then, on the Edit Global Setting page, clicking Turn on media bypass and selecting the granularity.

Bypass for a particular trunk is enabled by clicking Voice Routing, clicking the Trunk Configuration tab, double-clicking an existing trunk, and then clicking Enable media bypass.

Using the Microsoft Lync Server 2010 Management Shell

The New-CsTrunkConfiguration or Set-CsTrunkConfiguration cmdlets can be used to enable media bypass for a trunk.

The New-CsNetworkMediaBypassConfiguration and Set-CsNetworkConfiguration cmdlets can be used to enable global media bypass.

Meeting Attachments

What This Feature Does: The end users can share files with meeting participants by uploading them as attachments.

Information Collected, Processed, or Transmitted: Attachments are stored on Lync Server according to meeting content expiration policies as defined by the enterprise administrator. The end users can choose to upload attachments. Attachments are downloaded by them or others in a meeting. No information is sent to Microsoft.

Use of Information: The information contained in uploaded Meeting Attachments is shared with other participants in a Lync meeting.

Choice/Control: The enterprise administrator can enable or disable this feature for any or all users through the AllowFileTransfer policy. This policy is enabled by default.

Peer to Peer File Transfer

What This Feature Does: Lync users can transfer files to one another in two-party IM conversations (not meetings).

Information Collected, Processed, or Transmitted: The file is transferred directly between the Lync clients. Users choose to initiate the file transfer and choose the file to be transferred. The file recipient must explicitly agree to receive the file. No information is sent to Microsoft.

Use of Information: The Peer-to-Peer File Transfer feature lets users send files to one another in a real- time manner during an IM conversation.

Choice/Control: The enterprise administrator can enable or disable this feature for any or all users through the EnableP2PFileTransfer policy. This policy is enabled by default.

Personal Picture

What This Feature Does: Personal Picture displays the end user’s personal picture to other end users. This is configured only by the end user and is different from the picture that is present in your enterprise’s corporate directory (such as Active Directory).

Information Collected, Processed, or Transmitted: The end user’s Personal Picture sharing preference and the web address for the picture are collected by using end user input and published through Lync presence. No information is sent to Microsoft.

Use of Information: The information is used to customize the end user’s experience and to share their picture with others.

Choice/Control:

The enterprise administrator controls:

Whether users share the pictures initially by default or not. This can be overridden.

The maximum size of a picture that any user could download.

What kinds of pictures are allowed.

PIN Authentication

What This Feature Does: PIN Authentication is a mechanism used to authenticate users joining Conference Auto Attendant meetings and to authenticate users deploying Microsoft Lync 2010 Phone Edition for the first time. The user enters the phone number or extension and PIN that Lync Server uses to validate the user’s credentials. A PIN can be set by the user or provisioned by an enterprise administrator.

Information Collected, Processed, or Transmitted: During authentication, the phone number or extension and the user’s PIN are collected. Lync Server validates this information against its backend database. The PIN is stored in the backend database as a one way hash for security purposes. Once set, the PIN is not visible to anyone. A PIN can be set or reset by a user or by an administrator or a help-desk user.

When an administrator or help-desk user sets or resets the PIN, the new PIN is shown and can be sent optionally in email to the user. The email template provided is customizable and includes text that informs the user that the PIN may have been viewed by the administrator or help-desk user, and, therefore, it is recommended that the user set the PIN again.

Use of Information:

The PIN is used by Lync Server to authenticate the user to the meeting or to deploy the phone running Lync 2010 Phone Edition.

Choice/Control: This is enabled by default. The enterprise administrator can disable PIN authentication from the Lync Server Control Panel Security Settings page, by checking the box for PIN authentication.

Polling

What This Feature Does: Lync users can conduct a poll and gather anonymous responses from participants during online meetings and conversations.

Information Collected, Processed, or Transmitted: Individual votes are anonymous. Aggregated poll results are seen by all presenters and can be shown to all attendees by any presenter. Polls are stored on Lync Server according to meeting content expiration policies, as defined by the enterprise administrator. No information is sent to Microsoft.

Use of Information: The Polling feature enhances collaboration by enabling presenters to quickly determine participant preferences.

Choice/Control:

The enterprise administrator has the following policies

EnableDataCollaboration : This policy allows enterprise administrator to restrict all data collaboration features – Microsoft PowerPoint Collaboration, File Sharing, Polling, Whiteboard Collaboration, and Attachments. If this policy is set to False, the feature level policies for these features are irrelevant.

AllowPolling: This policy allows enterprise administrators to enable or disable the Polling feature. This feature is enabled by default.

Presence and Contact Information

What This Feature Does: This feature allows the end users to access information published about other users (both within and outside their organization) and provides other users with access to information published about them, such as status, title, phone number, location and notes. The enterprise administrator may also configure interoperation with Microsoft Outlook messaging and collaboration client and Exchange so that the end users will display out of office messages and other status information.

Information Collected, Processed, or Transmitted: The end users use their sign-in address and a password to connect to Lync Server. They and their administrator can publish information about their Presence status and contact information that will be associated with their sign in. No information is sent to Microsoft.

Use of Information: Other Lync users and programs will be able to access the end user’s Presence and contact information to determine their published status and information so as to better communicate with them.

Choice/Control: End users can choose what information is published. The enterprise administrator also can configure published information on their behalf. The enterprise administrator can disable the end users’ ability to control their published information by going to the Lync Server Control Panel Users and IM and Presence Settings pages.

PowerPoint Collaboration

What This Feature Does: Lync users can show, view, and annotate PowerPoint presentations during an online conversation or meeting.

Information Collected, Processed, or Transmitted:

The end users’ actions drive all uses of this feature – whether they are uploading, navigating through, or annotating a PowerPoint presentation. Any file presented in a conversation or meeting will be transmitted to all meeting participants, and they will be able to retrieve it directly from a folder on their computers. The file owner or presenter can restrict others from saving the file in Lync, but this does not restrict them from retrieving or seeing it. PowerPoint files are stored on Lync Server according to the meeting content expiration policies defined by the enterprise administrator. No information is sent to Microsoft.

EnableDataCollaboration – This policy allows the enterprise administrator to restrict or permit all data collaboration features – PowerPoint Collaboration, File Sharing, Polling, Whiteboard Collaboration, and Attachments. If this policy is set to False, the feature level policies for these features are irrelevant.

In addition, presenters can restrict annotations on PowerPoint presentation by participant role (None, Presenters only, Everyone) through the Meeting Options dialog box. This setting is available per meeting.

Privacy Mode

What This Feature Does: Privacy Mode is a setting that allows the end users to share their presence information (such as Available, Busy, Do Not Disturb, and so on) only with contacts listed in their Contacts list.

Information Collected, Processed, or Transmitted: Enabling Privacy Mode causes Lync to enter a mode in which the end users can switch user settings so that their presence information is shared only with contacts in their Contacts list. No information is sent to Microsoft

Use of Information: The Privacy Mode setting is used by Lync to determine whether or not to enter the Privacy Mode.

Choice/Control:

The enterprise administrator, at the pool level, can choose to enable Privacy Mode (by using the EnablePrivacyMode in-band setting). Once enabled, by default, any end users of Lync will switch to Privacy Mode as soon as they sign in.

When Privacy Mode is enabled on the server, through the admin setting, the end users can choose to have either everyone to see their Presence (Standard Mode) or only their contacts to see their Presence (Privacy Mode). End users set their status in the Status tab, in the Options dialog box.

If Standard mode is enabled on the server, through the admin settings, end users cannot switch to Privacy Mode. They can operate only in Standard Mode. However, they can "pre-opt-out" of Privacy Mode so that if the administrator were to later switch to Privacy Mode, they would not be switched upon signing into Lync.

Private Line

What This Feature Does: Private Line is a feature that provides an unpublished additional phone number to an end user. The end user can choose to give out the additional phone number to others.

Information Collected, Processed, or Transmitted: from the Private Line feature is collected in a similar way to how calls to a regular non-private number are handled, that is, call details records will be stored just as they are for any call.

There are instances when the private number will be sent to a third-party inadvertently, such as when the caller to the private number transfers the call to another person.

Use of Information: This information is used to provide history of call occurrence. Please see the Call Detail Records Data Collection and Reporting section for more information.

Choice/Control: There are no end user or administrator controls for this feature.

Quality of Experience (QoE) Data Collection and Reporting

What This Feature Does: Quality of Experience (QoE) Data Collection and Reporting collects and reports media quality of peer-to-peer communications and meetings using Lync. These statistics include IP addresses, loss rate, devices used, poor quality events that occurred in the call, and so on.

Information Collected, Processed, or Transmitted: If the enterprise administrator enables QoE, media quality data of peer-to-peer communications Lync and meetings are recorded in the QoE database. This capability does not record the content of the Lync. The QoE data is stored in the Monitoring Server backend database deployed in the enterprise and reported in a set of standard Monitoring Server reports. No information is sent to Microsoft.

Use of Information: The enterprise administrator has access to this information and can use it to collect feedback on the quality of media that is flowing in the system. This includes user IP addresses.

Choice/Control: QoE is turned on by default, but the enterprise administrator must install a Monitoring Server, connected to a Monitoring Server backend database, to collect the QoE data. The enterprise administrator can deploy the standard Monitoring Server reports or create custom reports querying the Monitoring Server database.

Enterprise Administrators can turn off QoE reports by using the following Windows PowerShell cmdlet for Lync Server.

Set-CsQoEConfiguration –EnableQoE $False

Role Based Access Control

What This Feature Does: The Role Based Access Control (RBAC) feature enables delegation of administrative rights for enterprise administrator scenarios. The interaction of an enterprise administrator with the management interfaces can be limited to specifically allowed operations and by which objects can be modified.

Information Collected, Processed, or Transmitted: The capabilities of an enterprise administrator are evaluated at run time based on the user’s group membership, specifically Active Directory security groups. The capabilities of a role in the system are configured and set in the central management server.

Use of Information: An enterprise administrator can configure additional RBAC admin roles for a given deployment. An enterprise administrator can view all the roles another admin is a member of.

Choice/Control: This is the security/authorization mechanism for IT management tasks. The feature does not have impact on or visibility to the end users.

Recording

What This Feature Does: This feature allows organizers and/or presenters to record all aspects of a Lync session including who entered the meeting, audio, video and content such as IM conversations, program sharing, PowerPoint presentations, polling, handouts and whiteboards. When the organizer or other presenters pause or stop their recording, other recordings in progress are unaffected.

Information Collected, Processed, or Transmitted: If presenters choose to record, the recording will be saved to their computer. Additional video files generated from the recording are saved to presenter’s local computer by default but can also be saved to another computer, if specified by the presenter who is recording. When users upload content to a meeting, permission is granted to add that content to recordings that those users or others users create.

If there are failures during a recording's publishing phase, it is possible for data captured during a paused recording state to be unintentionally included in the recording. If any part of the publishing phase fails (See Recording Manager for a "Warning..." status), recordings should not be distributed to others even if they can be played back in some form.

Use of Information: The recording can be played by anyone who has access to the location where the recording is saved.

Choice/Control:

The enterprise administrator has the following controls:

AllowConferenceRecording: The default policy setting is False.

For the user who escalates from a peer-to-peer call into a meeting, if their policy is set to True, all presenters will be able to record.

For the user who starts an ad-hoc meeting, if their policy is set to True, all presenters will be able to record.

For the user who scheduled a meeting, if their policy is set to True at the time the first person joins the meeting, all presenters will be able to record.

For these three scenarios, if the user who escalated, initiated, or scheduled a meeting’s policy is set to False, recording is not available to any presenters or attendees.

If the policy is changed while a meeting is in session, the policy may not take effect until all participants have exited and re-entered the meeting.

EnableP2PRecording: The default is False and is set at the time the user signs in to Lync.

If set to True, a user who initiates a conversation with someone who also has this policy set to True will be able to record.

Users can record only if both parties on the peer-to-peer communication are permitted to record.

AllowExternalToRecord: The default is False. External users include both federated and anonymous users.

Meeting: The AllowExternalToRecord policy is applied at the time the first person enters the meeting and only when AllowConferenceRecording is set to True.

If set to True, in a meeting where recording is allowed, non-enterprise presenters, will also be allowed to record. If the policy is changed while a meeting is in session, the new policy will not take effect until all participants have exited and re-entered the meeting.

If set to False, in a meeting where recording is allowed, non-enterprise presenters will not be allowed to record. If the policy is changed while a meeting is in session, the new policy may not take effect until all participants have exited and re-entered the meeting.

Peer to Peer (P2P): The AllowExternalToRecord policy is applied to peer-to-peer conversations only when EnableP2PRecording policy is set to True.

If set to True, the non-enterprise user is allowed to record.

If set to False, the non-enterprise user will not be allowed to record, while the user preventing non-enterprise recording will be able to record.

Response Group Service -Agent anonymization

What This Feature Does: Response Group Service (RGS) enables enterprise administrators to create and configure one or more small response groups for the purpose of routing and queuing incoming phone calls to one or more designated agents or end users. This feature enables a RGS agent to handle calls without disclosing automatically his identity to the remote party.

Information Collected, Processed, or Transmitted: The identity of the agent is not displayed in a visual way if the remote party is using a Microsoft Communications client or a PSTN phone, but the identity is transmitted in Session Description Protocol (SDP) packets when IM modality is added to an anonymous voice call. The identity can therefore be retrieved from client traces. No information is sent to Microsoft.

Use of Information: A non-Microsoft Communications client could display the information about the agent in the user interface and hence reveal the identity of the agent. This could enable the remote party to call an agent directly without using the RGS.

Choice/Control: There are no end user or administrator controls for this feature.

Server-Side Logging

What This Feature Does: Server-Side Logging enables the enterprise administrator to collect different types of traffic that is travelling to and from any domain or Uniform Resource Identifier (URI).

Information Collected, Processed, or Transmitted: If the enterprise administrator enables logging for Lync, then traffic traveling to and from the specified domain or URI is included in the log files. Depending on configuration, this collected information can be used for debugging purposes. Information about the end users, such as the following, is logged to a file specified by the administrator: meeting subject, location, SIP messages, responses to Lync invites, information about the sender and receiver of each Lync message, the route that the message took, Contacts list, presence information, IM) conversation content, as well as the names of any shared programs, attachments, Microsoft PowerPoint files, whiteboards, polls, and poll questions, and an index of the poll option(s) they voted for. No information is automatically sent to Microsoft, but the administrator can choose to manually send information.

Use of Information: Server-side logs can be used to troubleshoot Lync issues, that is, to determine what issues are being encountered on which server or domain.

Choice/Control: Server-Side Logging is turned off by default and must be turned on by an enterprise administrator. The administrator can use the following Windows PowerShell command-line interface cmdlets to turn on or off this feature per site, service, or server: New-CsDiagnosticsFilterConfiguration, Set-CsDiagnosticsFilterConfiguration, and Get-CsDiagnosticsFilterConfiguration. To log the content of IM conversations, certain settings must be set with help from Microsoft Support.

Skill Search

What This Feature Does: This feature lets the end users search for people in their enterprise by using any property listed on Microsoft SharePoint (for example, name, email, skills, area of expertise, etc.). This feature is only available if the enterprise administrator has deployed SharePoint, and has enabled the interoperation of Lync 2010 and SharePoint.

Information Collected, Processed, or Transmitted: The search query entered in Lync 2010 will be sent to the enterprise’s SharePoint Server. The response from SharePoint is processed by Lync 2010, and the search results and related information is displayed. No information is sent to Microsoft.

Use of Information: Information entered by the user is sent to SharePoint to get search results, which are displayed in Lync 2010.

Choice/Control: This feature can be enabled or disabled by enterprise administrators by the 4 inband setting.

SPSearchInternalURL

SPSearchExternalURL

SPSearchCenterInternalURL

SPSearchCenterExternalURL

Unified Contact Store

What This Feature Does: Unified Contact Store consists of three main features:

Search merge – This feature merges the Active Directory Contacts with the personal Outlook contacts so that, upon searching for that contact, there will be only a single entry in search results.

Creating Outlook contacts for Lync 2010 contacts (contact synchronization) – Lync 2010 will create Outlook contacts for all the user’s contacts in the default contacts folder, if the user has Exchange 2010 or a later version mailbox. By backing all Lync 2010 contacts with an Outlook contact, the user can access Lync 2010 contact information from Outlook, Outlook Web Access, and mobile devices that synchronize contacts with Exchange.

Information Collected, Processed, or Transmitted: Lync 2010 aggregates contact information from Presence, Active Directory, and Outlook. This information is used internally by Lync 2010. When creating Outlook contacts, Lync 2010 will be writing Presence, Active Directory, and Outlook contact information to Exchange. No information is sent to Microsoft.

Use of Information: Contact information from Presence, Active Directory, and Outlook are shown in the Lync 2010 user interface (Contacts list, contact card, search results, and so on). This information can also be written to Exchange by using contact synchronization (as described above).

Voice Quality Improvements in Lync 2010

What This Feature Does: Lync 2010 provides notifications to end users when it detects device, network, or computer issues during the call.

Information Collected, Processed, or Transmitted: Information about the end user’s audio device setup, network set up and other media connections will be collected by Lync 2010 to determine what may be causing poor audio quality during a voice communication. The end user will be informed by Lync 2010 that there is a voice quality problem while others on the call are only shown a notification that the end users are using a device that is causing poor audio quality. They don't know what device the end user is using. No information is sent to Microsoft.

Use of Information: The information that is sent to others in the call is used to help improve the quality of the call.

Choice/Control: The enterprise administrator can turn off voice quality notification about devices by following the powershell command as described below.

Whiteboard Collaboration

What This Feature Does: This feature allows the end users to share virtual whiteboards in Lync 2010 and annotate them during online meetings and conversations.

Information Collected, Processed, or Transmitted: Annotations made on whiteboards will be seen by all participants. Whiteboards are stored on Lync Server 2010 according to meeting content expiration policies. No information is sent to Microsoft.

Use of Information: The Whiteboard feature enhances collaboration by enabling meeting participants to discuss ideas, brainstorm, take notes, and so on.

Choice/Control:

The enterprise administrator has the following policies

EnableDataCollaboration admin policy – This policy allows enterprise administrator to restrict all data collaboration features – PowerPoint Collaboration, File Sharing, Polling, Whiteboard Collaboration, and Attachments. If this policy is set to False, the feature level policies for these features are irrelevant.

AllowAnnotations administrator policy: This policy allows the enterprise administrator to restrict annotation capabilities for all meeting participants. If this setting is turned off, end users will not see an entry point to create a whiteboard in the Lync 2010 user interface.